The following Fedora 20 Security updates need testing: Age URL 21 https://admin.fedoraproject.org/updates/FEDORA-2014-5497/openstack-keystone-2013.2.3-3.fc20 13 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20 11 https://admin.fedoraproject.org/updates/FEDORA-2014-5972/python-fmn-web-0.2.4-3.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-6098/rubygem-actionpack-4.0.0-4.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-6120/mariadb-galera-5.5.37-2.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-6277/dpkg-1.16.14-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-6258/smb4k-1.1.2-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-6263/botan-1.10.8-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-6276/seamonkey-2.26-1.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-6288/qemu-1.6.2-5.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-6303/perl-LWP-Protocol-https-6.04-4.fc20 1 https://admin.fedoraproject.org/updates/FEDORA-2014-6338/dovecot-2.2.13-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6357/kernel-3.14.4-200.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6373/zabbix-2.0.12-1.fc20 The following Fedora 20 Critical Path updates have yet to be approved: Age URL 8 https://admin.fedoraproject.org/updates/FEDORA-2014-6064/gupnp-0.20.11-1.fc20 8 https://admin.fedoraproject.org/updates/FEDORA-2014-5992/pcmanfm-qt-0.1.0-5.fc20,pcmanfm-1.2.0-1.fc20,libfm-1.2.0-1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-6101/policycoreutils-2.2.5-4.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6364/xorg-x11-drv-synaptics-1.7.6-2.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6346/xorg-x11-server-1.14.4-9.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6366/btrfs-progs-3.14.1-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6084/selinux-policy-3.12.1-163.fc20 The following builds have been pushed to Fedora 20 updates-testing btrfs-progs-3.14.1-1.fc20 duplicity-0.6.24-2.fc20 gnome-chemistry-utils-0.14.8-1.fc20 kernel-3.14.4-200.fc20 mingw-physfs-2.0.3-4.fc20 mod_intercept_form_submit-0.9.7-1.fc20 mod_lookup_identity-0.9.1-1.fc20 nagios-plugins-bonding-1.4-1.fc20 perl-Fedora-Rebuild-0.12.0-1.fc20 perl-IO-Socket-SSL-1.955-2.fc20 psi4-4.0-0.11.0c7ea92git.fc20 python-humanize-0.5-4.fc20 rxvt-unicode-9.20-2.fc20 selinux-policy-3.12.1-163.fc20 stompclt-1.2-1.fc20 vdr-epg2vdr-0.1.10-1.20140513git9479831.fc20 xl2tpd-1.3.6-1.fc20 xorg-x11-drv-synaptics-1.7.6-2.fc20 xorg-x11-server-1.14.4-9.fc20 zabbix-2.0.12-1.fc20 Details about builds: ================================================================================ btrfs-progs-3.14.1-1.fc20 (FEDORA-2014-6366) Userspace programs for btrfs -------------------------------------------------------------------------------- Update Information: New upstream version -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 22 2014 Eric Sandeen <sandeen@xxxxxxxxxx> 3.14.1-1 - New upstream release * Wed Apr 16 2014 Eric Sandeen <sandeen@xxxxxxxxxx> 3.14-1 - New upstream release * Mon Jan 20 2014 Eric Sandeen <sandeen@xxxxxxxxxx> 3.12-2 - Add proper Source0 URL, switch to .xz -------------------------------------------------------------------------------- ================================================================================ duplicity-0.6.24-2.fc20 (FEDORA-2014-6356) Encrypted bandwidth-efficient backup using rsync algorithm -------------------------------------------------------------------------------- Update Information: add build requires on python-setuptools -------------------------------------------------------------------------------- ChangeLog: * Mon May 12 2014 Rahul Sundaram <sundaram@xxxxxxxxxxxxxxxxx> - 0.6.24-2 - add build requires on python-setuptools * Mon May 12 2014 Rahul Sundaram <sundaram@xxxxxxxxxxxxxxxxx> - 0.6.24-1 - update to 0.6.24 - drop patch for documentation and remove it directly in spec -------------------------------------------------------------------------------- References: [ 1 ] Bug #1095899 - Error creating password protected backup over DejaDup https://bugzilla.redhat.com/show_bug.cgi?id=1095899 [ 2 ] Bug #1087200 - Backup failed cannot read .cache/deja-dup/tmp file CRC error https://bugzilla.redhat.com/show_bug.cgi?id=1087200 -------------------------------------------------------------------------------- ================================================================================ gnome-chemistry-utils-0.14.8-1.fc20 (FEDORA-2014-6363) A set of chemical utilities -------------------------------------------------------------------------------- Update Information: This is an update to the latest upstream release: * https://savannah.nongnu.org/forum/forum.php?forum_id=7975 -------------------------------------------------------------------------------- ChangeLog: * Tue May 13 2014 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 0.14.8-1 - Updated to 0.14.8 -------------------------------------------------------------------------------- ================================================================================ kernel-3.14.4-200.fc20 (FEDORA-2014-6357) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 3.14.4 stable update contains a number of important fixes across the tree -------------------------------------------------------------------------------- ChangeLog: * Tue May 13 2014 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> - 3.14.4-200 - Linux v3.14.4 * Mon May 12 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - CVE-2014-3144/CVE-2014-3145 filter: prevent nla from peeking beyond eom (rhbz 1096775, 1096784) * Fri May 9 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - CVE-2014-1738 CVE-2014-1737 floppy: priv esclation (rhbz 1094299 1096195) * Thu May 8 2014 Neil Horman <nhorman@xxxxxxxxxx> - Fix dma unmap error in jme driver (rhbz 1082266) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1096775 - CVE-2014-3144 CVE-2014-3145 Kernel: filter: prevent nla extensions to peek beyond the end of the message https://bugzilla.redhat.com/show_bug.cgi?id=1096775 [ 2 ] Bug #1094299 - CVE-2014-1737 CVE-2014-1738 kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command https://bugzilla.redhat.com/show_bug.cgi?id=1094299 -------------------------------------------------------------------------------- ================================================================================ mingw-physfs-2.0.3-4.fc20 (FEDORA-2014-6368) MinGW compiled physfs library to provide abstract access to various archives -------------------------------------------------------------------------------- Update Information: initial import of mingw-physfs -------------------------------------------------------------------------------- References: [ 1 ] Bug #957346 - Review Request: mingw-physfs - MinGW compiled physfs library to provide abstract access to various archives https://bugzilla.redhat.com/show_bug.cgi?id=957346 -------------------------------------------------------------------------------- ================================================================================ mod_intercept_form_submit-0.9.7-1.fc20 (FEDORA-2014-6348) Apache module to intercept login form submission and run PAM authentication -------------------------------------------------------------------------------- Update Information: Rebase to 0.9.7: add support for InterceptFormLoginRealms. -------------------------------------------------------------------------------- ChangeLog: * Tue May 13 2014 Jan Pazdziora <jpazdziora@xxxxxxxxxx> - 0.9.7-1 - No longer call lookup_identity_hook explicitly, hook order does the same. - Silence compile warnings by specifying C99. * Tue Apr 15 2014 Jan Pazdziora <jpazdziora@xxxxxxxxxx> - 0.9.6-1 - Add support for InterceptFormLoginRealms. -------------------------------------------------------------------------------- ================================================================================ mod_lookup_identity-0.9.1-1.fc20 (FEDORA-2014-6352) Apache module to retrieve additional information about the authenticated user -------------------------------------------------------------------------------- Update Information: Rebase to 0.9.1: add support for +VARIABLE to append/only set when unset. -------------------------------------------------------------------------------- ChangeLog: * Tue May 13 2014 Jan Pazdziora <jpazdziora@xxxxxxxxxx> - 0.9.1-1 - Address code issues revealed by coverity scan. - Minor README fixes. * Tue May 13 2014 Jan Pazdziora <jpazdziora@xxxxxxxxxx> - 0.9.0-1 - Add support for '+'-prefixed note/variable names. - Silence compile warnings by specifying C99. - Fix format of logs of dbus calls. -------------------------------------------------------------------------------- ================================================================================ nagios-plugins-bonding-1.4-1.fc20 (FEDORA-2014-6362) Nagios plugin to monitor Linux bonding interfaces -------------------------------------------------------------------------------- Update Information: Upstream release 1.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #887821 - Review Request: nagios-plugins-bonding - Nagios plugin to monitor Linux bonding interfaces https://bugzilla.redhat.com/show_bug.cgi?id=887821 -------------------------------------------------------------------------------- ================================================================================ perl-Fedora-Rebuild-0.12.0-1.fc20 (FEDORA-2014-6344) Rebuilds Fedora packages from scratch -------------------------------------------------------------------------------- Update Information: This release fixes spurious failures reporting missing working directory. It improves performance in the dependency solver. It provides new tool rebuildreset and documentation for Fedora::Rebuild::Solver module. -------------------------------------------------------------------------------- ChangeLog: * Tue May 13 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 0.12.0-1 - 0.12.0 bump -------------------------------------------------------------------------------- ================================================================================ perl-IO-Socket-SSL-1.955-2.fc20 (FEDORA-2014-6355) Perl library for transparent SSL -------------------------------------------------------------------------------- Update Information: This update fixes the function KEY_free in IO::Socket::SSL::Utils, which was calling the wrong underlying function in Net::SSLeay due to a typo in the code. -------------------------------------------------------------------------------- ChangeLog: * Wed May 14 2014 Paul Howarth <paul@xxxxxxxxxxxx> - 1.955-2 - Fix typo in Utils.pm (#1097640, CPAN RT#95633) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1097640 - IO::Socket:SSL::Utils::KEY_free() dies with: Can't locate auto/Net/SSLeay/EVP_KEY_fre.al https://bugzilla.redhat.com/show_bug.cgi?id=1097640 -------------------------------------------------------------------------------- ================================================================================ psi4-4.0-0.11.0c7ea92git.fc20 (FEDORA-2014-6351) An ab initio quantum chemistry package -------------------------------------------------------------------------------- Update Information: Update to newest git snapshot. -------------------------------------------------------------------------------- ChangeLog: * Tue May 13 2014 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 4.0-0.11.0c7ea928git - Update to newest git snapshot. - Remove BR: ruby-devel. * Mon Mar 10 2014 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 4.0-0.10.b5 - Rebuild against updated libint. * Sat Jan 4 2014 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 4.0-0.9.b5 - Drop %?_isa from virtual provide of -static package (BZ #951582). -------------------------------------------------------------------------------- ================================================================================ python-humanize-0.5-4.fc20 (FEDORA-2014-6360) Turns dates in to human readable format, e.g '3 minutes ago' -------------------------------------------------------------------------------- Update Information: First version of package in Fedora. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1088882 - Review Request: python-humanize - Turns dates in to human readable format, e.g '3 minutes ago' https://bugzilla.redhat.com/show_bug.cgi?id=1088882 -------------------------------------------------------------------------------- ================================================================================ rxvt-unicode-9.20-2.fc20 (FEDORA-2014-6341) Unicode version of rxvt -------------------------------------------------------------------------------- Update Information: Remove Fedora-specific patches that change expected default behavior. -------------------------------------------------------------------------------- ChangeLog: * Tue May 13 2014 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 9.20-2 - There is no need for the patches below, as they change the behavior of our package and break the principle of least astonishment. - Remove Fedora-specific patch to scroll up/down one line. Any users wanting this behavior can create their own key bindings. - Remove Fedora-specific patch to open new tabs with Control-t. Any users wanting this behavior can create their own key bindings. - The popular 'tabbed' extension can now work properly (#1096791). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1096791 - Shift+Down does not open new tab https://bugzilla.redhat.com/show_bug.cgi?id=1096791 -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.12.1-163.fc20 (FEDORA-2014-6084) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: Allow keystone to connect to ldap servers, Add additional caps for neutron_t, apcuspd_t can send signull to any domain, Update sandbox_transition() to call sandbox_dyntrasition() BZ 885288 , gear_t execs ip which for some reason is mounting content on sysfs and / -------------------------------------------------------------------------------- ChangeLog: * Tue May 13 2014 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.12.1-163 - Add missing dyntransition for sandbox_x_domain * Mon May 12 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-162 - More rules needed for openshift/gear in rhel7 - svirt sandbox domains to read gear content in /run. Allow gear_t to manage openshift files - Allow mozilla plugins to use /dev/sr0 - Dontaudit logrotate executing systemctl command attempting to net_admin - Allow neutron execute arping in neutron_t - Allow nova-scheduler to read passwd file - Fix zabbix_can_network boolean to have this boolean for all zabbix domains - Allow openwsman to execute chkpwd and make this domain as unconfined for F20. - Add openwsman_tmp_t rules - Allow ulogd to request the kernel to load a module - Add support for /usr/local/Brother labeling. We removed /usr/local equiv. - Systectl_net_t can be a lnk_file - Fix path to mmap_min_addr - Any app that executes systemctl will attempt a net_admin * Wed May 7 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-161 - Allow keystone to connect to ldap servers - Add additional caps for neutron_t - apcuspd_t can send signull to any domain - Update sandbox_transition() to call sandbox_dyntrasition(). #885288. - gear_t execs ip which for some reason is mounting content on sysfs and / * Mon May 5 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-160 - Dontaudit leaked xserver_misc_device_t into plugins - Allow all domains to search through all base_file_types, this should be back ported to RHEL7 policy - Bootloader wants to look at init state - init reads kdbump etc files - userdom_search_admin_dir() calling needs to be optional in kernel.te - Fix labeling for /root/\.yubico - Allow httpd_t to kill passenger - Add new labeling for /var/spool/smtpd - Dontaudit leaked xserver_misc_device_t into plugins - Backport exim policy from rawhide to F20 - Allow apache cgi scripts to use inherited httpd_t unix_stream_sockets - Add back kerberos_keytab_template() for exim+f20. - ALlow stap-server to get attr on all fs - Allow mysql to execute ifconfig if Red Hat OpenStack - Fix virt_use_samba in virt.te * Fri May 2 2014 Lukas Vrabec <lvrabec@xxxxxxxxxx> 3.12.1-159 - Add support for us_cli ports - Fix labeling for /var/run/user/<UID>/gvfs - add support for tcp/9697 - Additional rules required by openstack, needs backport to F20 and RHEL7 - Additional access required by docker - ALlow motion to use tcp/8082 port -------------------------------------------------------------------------------- References: [ 1 ] Bug #1094551 - SELinux is preventing /usr/sbin/ssmtp from 'create' accesses on the file . https://bugzilla.redhat.com/show_bug.cgi?id=1094551 [ 2 ] Bug #1095450 - SELinux is preventing /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre-abrt/bin/java from 'ioctl' accesses on the blk_file . https://bugzilla.redhat.com/show_bug.cgi?id=1095450 [ 3 ] Bug #1095851 - SELinux is preventing /usr/local/Brother/Printer/HL2270DW/inf/brprintconflsr3 from 'write' accesses on the file . https://bugzilla.redhat.com/show_bug.cgi?id=1095851 [ 4 ] Bug #1070960 - SELinux is preventing /usr/sbin/apcupsd from using the 'signull' accesses on a process. https://bugzilla.redhat.com/show_bug.cgi?id=1070960 [ 5 ] Bug #1082456 - SELinux preventing OpenSMTPD from sending mail https://bugzilla.redhat.com/show_bug.cgi?id=1082456 [ 6 ] Bug #1087109 - SELinux policy preventing apcupsd-cgi from working https://bugzilla.redhat.com/show_bug.cgi?id=1087109 [ 7 ] Bug #1090669 - Keystone need boolean to enable access to LDAP https://bugzilla.redhat.com/show_bug.cgi?id=1090669 [ 8 ] Bug #1090954 - SELinux is preventing /usr/libexec/gvfsd-fuse from 'mounton' accesses on the directory . https://bugzilla.redhat.com/show_bug.cgi?id=1090954 [ 9 ] Bug #1091681 - SELinux is preventing /usr/bin/motion from 'accept' accesses on the tcp_socket . https://bugzilla.redhat.com/show_bug.cgi?id=1091681 [ 10 ] Bug #1092755 - SELinux is preventing /usr/lib/nspluginwrapper/plugin-config from read, write access on the chr_file . https://bugzilla.redhat.com/show_bug.cgi?id=1092755 [ 11 ] Bug #1093700 - SELinux is preventing /usr/sbin/httpd from using the 'sigkill' accesses on a process. https://bugzilla.redhat.com/show_bug.cgi?id=1093700 [ 12 ] Bug #1066071 - exim with pam authentication prevented by selinux-policy-targeted https://bugzilla.redhat.com/show_bug.cgi?id=1066071 -------------------------------------------------------------------------------- ================================================================================ stompclt-1.2-1.fc20 (FEDORA-2014-6371) Versatile STOMP client -------------------------------------------------------------------------------- Update Information: Update to upstream, rhbz #1097055. -------------------------------------------------------------------------------- ChangeLog: * Tue May 13 2014 Alexandre Beche <alexandre.beche@xxxxxxxxx> 1.2-1 - Update to upstream, rhbz #1097055. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1097055 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=1097055 -------------------------------------------------------------------------------- ================================================================================ vdr-epg2vdr-0.1.10-1.20140513git9479831.fc20 (FEDORA-2014-6350) A plugin to retrieve EPG data from a mysql database into VDR -------------------------------------------------------------------------------- Update Information: rebuild for new git release 0.1.10 rebuild for new git release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1093408 - Review Request: vdr-scraper2vdr - A client plugin which provides scraped metadata from EPGD to other plugins https://bugzilla.redhat.com/show_bug.cgi?id=1093408 -------------------------------------------------------------------------------- ================================================================================ xl2tpd-1.3.6-1.fc20 (FEDORA-2014-6349) Layer 2 Tunnelling Protocol Daemon (RFC 2661) -------------------------------------------------------------------------------- Update Information: Updated to 1.3.6 which fixes listening on the ANY address, systemd fixes, and revert of ipparam manipulation -------------------------------------------------------------------------------- ChangeLog: * Tue May 13 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 1.3.6-1 - Updated to 1.3.6 - using github-only monstrosity packaging - Resolves: rhbz#1051785 (new upstream version available) - Resolves: rhbz#868391 xl2tpd sends response packets from wrong IP address - Revert: rhbz#929447 Incorrect "ipparam" manipulation - Resolves: rhbz#1055196 Don't order service after syslog.target - Resolves: rhbz#984332 xl2tpd tmpfiles configuration file in wrong directory - Removed patches merged in upstream. - FIPS patch updated with advertising clause for openssl in xl2tpd -V (although the GPL code was already basically taken from openssl) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1051785 - xl2tpd-1.3.7dev1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1051785 [ 2 ] Bug #868391 - xl2tpd sends response packets from wrong IP address https://bugzilla.redhat.com/show_bug.cgi?id=868391 [ 3 ] Bug #929447 - Incorrect "ipparam" manipulation https://bugzilla.redhat.com/show_bug.cgi?id=929447 [ 4 ] Bug #1055196 - Don't order service after syslog.target. https://bugzilla.redhat.com/show_bug.cgi?id=1055196 [ 5 ] Bug #984332 - xl2tpd tmpfiles configuration file in wrong directory https://bugzilla.redhat.com/show_bug.cgi?id=984332 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-synaptics-1.7.6-2.fc20 (FEDORA-2014-6364) Xorg X11 Synaptics touchpad input driver -------------------------------------------------------------------------------- Update Information: - synaptics 1.7.6, contains all the fixes we've already been shipping, but now in a proper release - Set Option "HasSecondarySoftButtons" "on" in 50-synaptics.conf for devices with the touchpad_softbutton_top udev quirk, to keep topbuttons working on kernels which don't set INPUT_PROP_TOPBUTTONPAD - Add W540 to 70-touchpad-quirks.rules as touchpad_softbutton_top (#1096436) -------------------------------------------------------------------------------- ChangeLog: * Wed May 14 2014 Hans de Goede <hdegoede@xxxxxxxxxx> - 1.7.6-2 - Set Option "HasSecondarySoftButtons" "on" in 50-synaptics.conf for devices with the touchpad_softbutton_top udev quirk, to keep topbuttons working on kernels which don't set INPUT_PROP_TOPBUTTONPAD - Add W540 to 70-touchpad-quirks.rules as touchpad_softbutton_top (#1096436) * Tue May 13 2014 Peter Hutterer <peter.hutterer@xxxxxxxxxx> 1.7.6-1 - synaptics 1.7.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1096436 - Please add W540 to 70-touchpad-quirks.rules as touchpad_softbutton_top https://bugzilla.redhat.com/show_bug.cgi?id=1096436 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-server-1.14.4-9.fc20 (FEDORA-2014-6346) X.Org X11 X server -------------------------------------------------------------------------------- Update Information: Revert button mapping for Evoluent Vertical mouse, the default mapping matches the manufacturer's documentation -------------------------------------------------------------------------------- ChangeLog: * Wed May 14 2014 Peter Hutterer <peter.hutterer@xxxxxxxxxx> 1.14.4-9 - Revert button mapping for Evoluent Vertical mouse, the default mapping matches the manufacturer's documentation (#612140) * Tue Apr 8 2014 Ray Strode <rstrode@xxxxxxxxxx> 1.14.4-8 - Apply Daniel Stone's off-by-one fix to one of the wayland patches -------------------------------------------------------------------------------- References: [ 1 ] Bug #612140 - please make Evoluent VerticalMouse 3 work out of the box https://bugzilla.redhat.com/show_bug.cgi?id=612140 -------------------------------------------------------------------------------- ================================================================================ zabbix-2.0.12-1.fc20 (FEDORA-2014-6373) Open-source monitoring solution for your IT infrastructure -------------------------------------------------------------------------------- Update Information: http://www.zabbix.com/rn2.0.12.php -------------------------------------------------------------------------------- ChangeLog: * Tue May 13 2014 Volker Fröhlich <volker27@xxxxxx> - 2.0.12-1 - New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1095926 - CVE-2014-1685 zabbix: unauthorized modification of user media via Zabbix Admin users https://bugzilla.redhat.com/show_bug.cgi?id=1095926 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
